Policy Library

The Policy Library is the landing page for Segregation of Duties inside IGA > SoD. It lists all SoD policies in your organization and is the starting point for creating, managing, and monitoring policies.

Navigate to IGA > SoD > Policy Library to open it.

Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns

!Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns

Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns

Policy Library showing the Active Violations count column and row-level action menu

!Policy Library showing the Active Violations count column and row-level action menu

Policy Library showing the Active Violations count column and row-level action menu

Each row shows the policy name, policy ID, status, owners, active violations count, created by, and available actions. Use the filter icon to narrow the list by Policy Name, Status, Owners, Last Run Violations, or Created At.

Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options

!Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options

Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options

Select Create Policy to open the 5-step creation wizard.

Manage a policy

The three-dot menu on any policy row, or in the policy detail page header, exposes the following actions.

The following table describes each policy action.

ActionDescription
Create DraftCreates an editable draft from the current published version. Use this to edit a published policy, including changing enforcement mode, without affecting the live version.
Run EvaluationManually triggers a detection run immediately, outside the configured schedule.
DuplicateCreates a copy of the policy in Draft status.
UnpublishDeactivates the policy. Zluri blocks unpublishing when the policy has active violations, active exemptions, or ongoing runs. A tooltip explains the requirement.
ArchivePermanently archives the policy.

Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive

!Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive

Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive

Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive

!Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive

Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive

Policy Library row showing the same action menu without the tooltip, where Unpublish is available

!Policy Library row showing the same action menu without the tooltip, where Unpublish is available

Policy Library row showing the same action menu without the tooltip, where Unpublish is available

Promote a policy from Monitor to Enforce

Upgrade a published Monitor-mode policy to Enforce mode without re-creating it.

Steps

  1. Open the published policy.
  2. Select the three-dot menu and choose Create Draft. Zluri creates a draft copy of the policy.
  3. In the Remediation step of the draft, change the mode from Monitor to Enforce.
  4. Configure the Violation Handling shape, Assignee, and Playbooks for each set.
  5. Set a Risk level.
  6. Enter a Publish Note and select Publish.

Zluri back-tests existing open violations against the new enforcement configuration after publishing. To revert to Monitor mode, create a new draft, switch the mode back to Monitor, enter a Publish Note, and re-publish.